Split all rules left hand side into its components, eg
H1.H2.H3 is splitted into { H1, H2, H3 }, then reverse the components and
map that to the rule. In our example above, { org, w3, www} would be mapped
to direct.

Split the fully qualified host name into its components, eg, A.B.C is
splitted into { A, B, C } and reverse it.

Find the longest match in the mapping table of rules, and get
apply the given rule.

In our example, a request to www.isi.edu would match
the edu rule, and a request for www.w3.org
would match the direct rule, for example.

Three rules are defined:

direct

Run that request directly against the target host.

forbid

Emit a forbid message, indicating that the user is not
allowed to contact this host.

proxy

Run that request through the given proxy.

proxyauth

Run that request through a proxy with the right proxy
credentials.

For numeric IP addresses, the most significant part is the beginning,
so {A, B, C} are deducted directly. In the example { 138, 96, 24 } is mapped
to direct.

If no rules are applied, then the default rule (root rule) is applied.
See the example.